I just published “Password and Credential Management in 2018
”https://medium.com/p/password-and-credential-management-in-2018-56f43669d588 …
-
-
Replying to @harwoeck
I like what you write, but I also have criticism: You give several valid reasons for the domain-personalized client-side pre-hashing, however this may sound like it provides the equivalent of unique passwords even when actual passwords are reused, which it doesn't.
2 replies 0 retweets 4 likes -
Not criticism: BTW, you actually can enforce a trivial password policy - a blacklist of top N otherwise-most-common and/or leaked passwords - even with this pre-hashing, by similarly pre-hashing that blacklist. A Bloom filter can make the check very fast even for huge blacklists.
2 replies 0 retweets 1 like -
Then, you suggest normalizing with SHA3-512 to 64 arbitrary bytes, yet at the same time mention bcrypt's truncation at first NUL. For passing into bcrypt (or another function accepting C string), you need to e.g. hex-encode HMAC-SHA256 (giving 64 ASCII chars, which fits in 72).
1 reply 0 retweets 1 like -
No reason to prefer SHA-3, but a reason to have something like HMAC in there is to avoid the ambiguity in e.g. "passwor" + "domain" vs. "password" + "omain". BTW, bcrypt was introduced in 1997 (code already in use), not 1999 (paper published).
2 replies 0 retweets 1 like -
Memory for scrypt and Argon2 to be obviously stronger than bcrypt against GPUs (not specialized ASICs, where scrypt and Argon2 obviously win even at low memory) is similar (tens of MB), and this does not translate to "multiple seconds" (it's on the order of 100ms latency).
2 replies 0 retweets 1 like
(To be obviously stronger than bcrypt against GPUs even at very low memory, there's yescrypt. It also includes built-in hash encryption. But it didn't win PHC, and I am biased.)
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.